• 0115 824 8244
Logo Logo
  • Home
  • About us
  • Services
    • IT Support
    • IT Security
    • Teams Voice
  • Case Studies
  • News
  • Contact us

Oracle chief criticises Amazon’s cloud security amid row over defence contract

  • Home
  • Blog Details
October 25 2018
  • Cloud News
  • Security

Amazon Web Services is one of the most popular cloud platforms, but Larry Ellison, Oracle’s executive chairman, has spoken out, criticising Amazon’s security.

Speaking at Oracle’s annual user conference in San Francisco earlier this month, Ellison was scathing about Amazon’s security measures as well as taking a swipe at Google and Facebook over their recent data breach issues.

Pay-as-you-cloud

Ellison’s comments were largely aimed at the pay-as-you-go nature of cloud computing, where infrastructure is rented to customers. The popularity of the cloud is largely due to virtualisation, a technology which allows providers to split their client’s data across multiple servers so that some machines may be holding data from multiple companies. This allows the service provider to extract greater performance from its machines.

Although virtualisation should ensure that data from different companies remains separate – even though it’s sitting on the same system – Ellison contends that there are risks in the way Amazon does this. Because the control code that runs AWS sits on the same machines as the data, he believes that it could be possible for hackers to change the code and thus gain access to data from other businesses.

In his speech to the conference, he said that this is, “a fundamental problem with the architecture of the cloud.” He went on to say that Oracle would never put control code and customer data on the same machine in this way.

Theoretical threat

It should be pointed out, however, that the threat Ellison outlined is – at the moment – purely theoretical. To date, no one has actually carried out such an attack. All cloud computing providers are keen to stress that their security arrangements are superior to their competitors.

Recent high profile breaches at major companies have naturally brought information security into the public consciousness, as has new legislation such as GDPR which means breaches must be reported on a strict timescale.

Major contracts

Amazon remains a major player in the cloud computing space, with the technology and retail giant accounting for more than 50 percent of the global market. It’s also seen as a front-runner for the US government’s Joint Enterprise Defense Infrastructure (JEDI) contract, which could be worth around $10 billion over the next decade. JEDI is intended to store classified data and help enable new weaponry.

Oracle, another bidder for the contract, has raised concerns that if the JEDI contract is awarded to a single vendor it could lock the government into legacy technology and run counter to it’s commitment to competition and innovation.

Other companies, including IBM and Microsoft, have also criticised the government’s decision to award JEDI to a single provider. IBM sees it as being against the White House’s ‘Cloud Smart’ policy which is aimed at ensuring the best options from both government and commercial companies are used. There are also concerns that having just one provider will offer adversaries a single target to aim at, introducing greater risk.

The business that wins the contract will not only get substantial government funding but will also be well placed when it comes to getting other government business in the future. Google has already announced that it doesn’t intend to bid for the contract.

The Pentagon has defended its decision to opt for a single provider, with a spokesperson saying, “Starting with a number of firms while at the same time trying to build out an enterprise capability just simply did not make sense.” Using more than one cloud provider is seen as adding unnecessary complexity to the process. A number of legal challenges are expected to delay the awarding of the contract.

Previous Post Next Post

Leave a Comment

Recent Posts

  • Protecting your central networks and data as everyone goes mobile
  • Mobile devices still crucial to businesses despite the known security risks
  • Millions of LinkedIn accounts leaked
  • Most employees do not consider security issues when WFH
  • Credential theft attacks are soaring

Archives

  • July 2021
  • June 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • November 2020
  • October 2020
  • September 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • January 2020
  • December 2019
  • September 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • November 2018
  • October 2018
  • September 2018
  • November 2017

Categories

  • Cloud News
  • E-Mail Protection
  • IT Support News
  • Security
  • SharePoint Development
Logo

Microsoft Partner Nottingam

Services

  • IT Support
  • Phone Systems
  • IT Security

Contact Info

We're available via email or on the number below.

  • Email: hello@cloudworks.co.uk
  • Contact: 0115 824 8244

© Copyright 2021. Cloudworks

  • Privacy Policy
  • Terms and Conditions
Go to mobile version